Shiro framework learning (2)

Here, first demonstrate the application of shiro in the JavaSE project

Do not connect to the database first, use the ini file instead:

 1 [users]
 2 # user 'root' with password 'secret' and the 'admin' role
 3 root = secret, admin
 4 # user 'guest' with the password 'guest' and the 'guest' role
 5 guest = guest, guest
 6 # user 'presidentskroob' with password '12345' ("That's the same combination on
 7 # my luggage!!!" ;)), and role 'president'
 8 presidentskroob = 12345, president
 9 # user 'darkhelmet' with password 'ludicrousspeed' and roles 'darklord' and 'schwartz'
10 darkhelmet = ludicrousspeed, darklord,schwartz
11 # user 'lonestarr' with password 'vespa' and roles 'goodguy' and 'schwartz'
12 lonestarr = vespa, goodguy, schwartz
13 
14 # -----------------------------------------------------------------------------
15 # Roles with assigned permissions
16 # 
17 # Each line conforms to the format defined in the
18 # org.apache.shiro.realm.text.TextConfigurationRealm#setRoleDefinitions JavaDoc
19 # -----------------------------------------------------------------------------
20 [roles]
21 # 'admin' role has all permissions, indicated by the wildcard '*'
22 admin = *
23 # The 'schwartz' role can do anything (*) with any lightsaber:
24 schwartz = lightsaber:*
25 # The 'goodguy' role is allowed to 'drive' (action) the winnebago (type) with
26 # license plate 'eagle5' (instance specific id)
27 goodguy = winnebago:drive:eagle5

Code:

 1 package com.shiro.bean;
 2 
 3 import org.apache.shiro.SecurityUtils;
 4 import org.apache.shiro.authc.AuthenticationException;
 5 import org.apache.shiro.authc.IncorrectCredentialsException;
 6 import org.apache.shiro.authc.LockedAccountException;
 7 import org.apache.shiro.authc.UnknownAccountException;
 8 import org.apache.shiro.authc.UsernamePasswordToken;
 9 import org.apache.shiro.config.IniSecurityManagerFactory;
10 import org.apache.shiro.mgt.SecurityManager;
11 import org.apache.shiro.session.Session;
12 import org.apache.shiro.subject.Subject;
13 import org.apache.shiro.util.Factory;
14 import org.slf4j.Logger;
15 import org.slf4j.LoggerFactory;
16 
17 public class HelloWord {
18     private static final Logger log = LoggerFactory.getLogger(HelloWord.class);
19     public static void main(String[] args) {
20         String s = "/psp_gs/src/main/resources/trans/index.html";
21         System.out.println(s.substring(0,s.lastIndexOf("/" )));
 22          /* log.info("Test Log4j....");
 23          
24           * 1. Get the security manager
 25           * 2. Get user
 26           * 3. User authentication login
 27           * 4. Permission management
 28           * 5. Role management
 29           * 6. session
 30           
31          //1. Get security manager
 32          Factory<SecurityManager> factory = new IniSecurityManagerFactory(" classpath:shiro.ini");
 33          SecurityManager securityManager = factory.getInstance();
 34          //2. Set security manager
 35         SecurityUtils.setSecurityManager(securityManager);
 36          //3. Get the subject object
 37          Subject currentUser = SecurityUtils.getSubject();
 38          Session session = currentUser.getSession();
 39          
40          session.setAttribute("name", "Chen");
 41          
42          String value = (String)session.getAttribute("name");
 43          if(value != null)
 44              log.info("shiro has obtained the value in the session!");
 45          //Verify whether to log
 in 46          if(currentUser.isAuthenticated() == false){
 47              UsernamePasswordToken token = new UsernamePasswordToken("root",
"secret");
48              token.setRememberMe(true);
 49              try{
 50                  currentUser.login(token);
 51                  log.info("Authentication succeeded!");
 52              }catch(UnknownAccountException e){
 53                  log.info("Account does not exist!" );
 54              }catch(IncorrectCredentialsException e){
 55                  log.info("Incorrect account or password!");
 56              }catch(LockedAccountException e){
 57                  log.info("User is locked!");
 58              }catch( AuthenticationException e){
 59                  log.info("Authentication failed!");
60             }
61          }
 62          
63          if(currentUser.hasRole("goodguy"))
 64              log.info("Has goodguy role!");
 65          else
 66              log.info("No goodguy role!");
 67          
68          if(currentUser.isPermitted ("winnebago:drive:eagle5"))
 69              log.info("Have winnebago:drive:eagle5 permission!");
 70          else
 71              log.info("No winnebago:drive:eagle5 permission!");
 72          currentUser.logout (); */ 
73      }
 74      
75      
76 }

It is worth noting that:

1. The shiro framework encapsulates the user login information as a subject and obtains it through its own encapsulated tool class.

2. The above complex construction methods can be simplified by using the spring framework.